First let me state that this particular machine must be dual boot so it is not an option to get rid of or alter the Win7 or Rescue partitions.

Also note that HOME is encrypted. Originally by Ubuntu so I understand it to be eCryptfs, not LUKS.

I am using the Gentoo Handbook to install but am using the LiveDVD vs the Minimal Installation CD and I am using 64bit.

I am all good until I get to Chapter 4 "Preparing the Disks" and Chapter 5 Installing the Gentoo Installation Files and then I am thoroughly lost.

I want to KEEP the partitions that I have and use them to install Gentoo. They are already formatted as ext4. How do I do this? What am I mounting and how do I put the Gentoo boot files on /sda7 and System on sda8???

Last edited by Budoka on Tue Mar 26, 2013 3:31 am; edited 1 time in total


From what I understand, you do not care about your existing ubuntu installation (except for the home part), then I would suggest that you just reformat those partitions (to start in a clean state), and then continue with the gentoo installation.

On a side note: I am not sure if (or how easily) your encrypted home can be accessed from gentoo. Just be sure that you keep an unencrypted up-to-date backup of it, in case you have to restore. If you have enough space on /home, then you could just add a copy there.

V.
_________________
read the portage output!
If my answer is too concise, ask for an explanation.

I wouldn't reformat - it's trickier with a combined boot/root layout, but I'd keep
the current /boot directory and simply add the Gentoo kernel to the Ubuntu
boot menu. (This is easy in Grub 1, but on second thoughts, Ubuntu may
well be using Grub 2).

The advantage of this approach is that there is no risk of messing with your
Windows partitions or MBR; I have a laptop which really, really, doesn't
like that, so I use a separate /boot partition.

If I were you, my approach would be to back up the data in your /home directly. And by "back up" I really mean "copy so I can wipe the partition". Then I would wipe the entire Linux portion of the drive and format using a 32 mb /boot with an ext2 file system for ease of booting. I would construct the rest of the system out of a single luks encrypted lvm. I believe you can use genkernel or dracut to build an initramfs with support for lvm and encryption. I have not actually done this with Gentoo yet, but I have done it with arch.

I would also say that if you are getting rid of ubuntu you should also migrate to a Gentoo-installed boot loader for ease of maintenance.

Trying to keep your partitions as is may be possible but they already have stuff on them and they are not really optimized for Gentoo. 21 GB for root is possible but that is about what I have and portage does complain about space for builds like libreoffice (and I had to move the distfiles out of the partition). The boot partition is also about 4 times bigger than it needs to be. With 32 mb I have 3 or 4 kernels and I still have plenty of space. I would say that you want about 30 GiB for your root at minimum. You might also want to try partitioning stuff off of the root directory like /var or /usr (This would require an initramfs as well).

The thing with formatting is it takes about 10 minutes (maybe 30 if you are getting fancy) which you really should consider as being within the margin of error for a Gentoo install. I like to measure my install time as 1 day. You are probably looking at more like 2 or 3 days if it's your first install. I am not trying to scare you with these numbers. Most of that time is time spent compiling. The difficult part is when you need to go back and troubleshoot, which can take some time until you get some practice.

Good luck with your project.
_________________
First things first, but not necessarily in that order.


This sounds like a good option for me.

How large a root partition do you recommend? I've used 20 GB's for at least 4 distinct distros and haven't had any problem so am a little bit surprised that Gentoo requires more.

What is the advantage of using ext2 for the boot partition vs ext4?

I canned Ubuntu a while back and was checking out Linux Mint. Yeah I know, it is still Ubuntu, but even with a 200MiB boot partition both distros would throw disk space warnings on that partition. Free space floats between 4-6 MiB and I generally just ignore it because booting has been fine.

Last edited by Budoka on Fri Jul 06, 2012 6:02 am; edited 1 time in total

The Handbook outlines the process to use the minimal installation CD which I find to be a pain in the a** because I can't get the network configured. The guide indicates that any Gentoo Live CD/DVD can be used for the install but I can't find a guide for that. Is there one? I still want to do the install with a stage 3 tarball as recommended vs putting the LiveDVD on my HD (I did find a guide for that)

I would say 30 GiB would be about right. Note that the LVM aid posted below includes ideas about partition size, and they come out to about 27 GiB. The reason that gentoo needs more space is because /var is used to compile your programs.

While you can use 20 GiB, I have found that to be cutting it too close for comfort.

Also the networking in the min CD is a royal pain. May I suggest you use the System Rescue CD instead? It does not change the install process but it does give you X with xfce, firefox, and working network out of the box in most cases. Nothing in the install CD actually gets used in your final system, you just need the tools to build your system.

I would read through them first a few times and make sure you know 1) what you want to do and 2) how to do it. Installing Gentoo is tricky enough the first time without trying something fancy. There really is no reason why you can't, it just takes a little more planning.

Good Luck!

I don't see any red flags except that with /var on a separate partition udev might give you some grief. I am not exactly sure as it seems to be mostly rumor. You will definitely be fine if you use an initramfs or the new udev fork.

There are reasons to break up the root partition into as many as practical sections, but it is by no means required. I would say that it is not that important. If necessary you can manually clean the /usr/portage/distfiles directory to make more space. What a separate /var really does (practically) is protect you from log spam. At most, you can have a log that is 10 Gib, applications complaining left and right, and a system that still boots to solve the problem. A full root could prevent this.

Technically speaking, you can do this all with one partition. It's just a matter of what you want to do. A separate /home is good for backup purposes, a separate /var prevents log spam from completely overwhelming your system, a separate /usr and /opt <does something>, etc. This really just comes down to style. So to answer your question, it is not necessary to put /usr/portage in its own partition.

As for your swap, the formula is swap=ram for suspend, so you are more than good there.

The one (possible) concern is that your swap and operating system will not be protected with just an encrypted home. If you are not concerned about this, then it's not a problem. If you are, I can say from experience that encrypting the entire system is not quite as daunting as it sounds.


Thank you Doctor.

I think since this is my first Gentoo install and I already have the added complication of encryption I will just forego var on a separate partition. udev and initramfs are out of my area of expertise so I'd rather not take the risk.

I was breaking out root because I was under the mistaken impression that boot and root couldn't be easily encrypted say vs Home and Swap. I was intending on encrypting swap as well.

I'll reduce my swap to swap=ram. Disk space is cheap now but I could definitely use the extra 8GB.

I would indeed like to encrypt the entire system which means I need to read through the documentation you provided again. Haha.

I am currently writing random data to the partition that will house the Gentoo install so have LOTS of time to read.

You don't need to fear the initramfs. Since this is your first install you should use genkernel, even if you want to use a custom kernel later. I say this not because there is anything better about it but because it is more likely to work. If you add the --crypt flag to genkernel it will build the initramfs for you. It actually will do this automatically as it really is a general kernel.

If you intend to encrypt your entire volume, here is my advice.

Make 2 partitions, /boot and the second one for everything else. Place a luks volume on the second volume and then add lvm to that. It is a bit more work but the benefit is that swap, / and /home will all be encrypted with a single password so you only need to enter it once. Another benefit is that you can change the size of your partitions if you choose. Of course there is nothing wrong with 3 separate volumes if you prefer to do it that way.

The initramfs can be a pain in the neck if you roll your own. I would not use dracut as it seems to be having some trouble with the lvm modules recently. Genkernel will do everything you want it to, so there is no harm in using it. It does replace the entire bit about busybox on the DM-Crypt with LUKS page. Basically all you need from there is how to create the volumes and enter them in /etc/fstab.

If you mess up and need to get back in manually, you can decrypt your partitions like this: cryptsetup luksOpen /dev/sda3 <luks> where /dev/sda3 is replaced by your partition and <luks> is whatever you actually called the volume. You never know why you might need this. My reason was a minor typo that prevented the system from booting.

I just did an installation like this over the weekend and I can say the worst part was keeping track of my volume names. I recommend writing those down.

Oh, I kind of forgot to say this, but it is relevant: with encrypted root you will be using an initramfs anyway so that should not be a reason for not creating extra partitions if you want them. As I said before, genkernel will sort out your partitions automatically.


Thanks for all of the great info/advice. It is really helpful.

I am a little confused. I was under the impression that swap had to be a separate partition.

If I create 2 partitions as you suggest, how does boot get encrypted? Or is that impossible?

If I break it out onto different partitions does that mean I can't use one password to login and decrypt?

What do I create the 2nd partition as (ie: Gparted gives options such as swap, /, Home, etc)? I am going to guess that it would be /. I know that will create a home dir but will it also create a swap? Hopefully you understand what I am asking. I am sure the question sounds just as confused as I am.

/boot does not get encrypted. You still need something that the bootloader can read. I think grub2 can do something about that, but I don't know much about that except that grub2 is a beast to work with.

Under lvm, swap does get its own partition. It's just an lvm partition rather than a physical one.

If you have more than one luks volume, I believe they each need their own password. Nothing prevents you from reusing the same password if you choose.

Under Gparted you would create physical volumes, that is /boot and /. Then using lvm you would create new partitions using a label, root, swap, home, etc. that you would then create file systems on. Basically lvm moves partitioning from 1 step to 3. Step 1 is to make physical volumes, step 2 is to add luks to the second volume, and step 3 is to set up the lvm partitions.

The difference between lvm and gparted is that lvm partitions are created based on single commands, not from a shell, and they can be resized later. They also live in software on the disk rather than being defined on the disk's partition table. This has another benefit: changing lvm volume sizes. Growing is easier than shrinking, but shrinking is supported depending on file system. For example, ext3/4 can shrink while jfs can only grow.


I must admit I am still a little fuzzy, particularly about the order of events, so please bear with me.

So when I first create boot and / with gparted, what am I creating? By that I mean, am I indicating file system (ext4) and mount points (/boot and /)?

Then I use LVM, which I am going to have to re-read another dozen times to really grasp, to create logical volumes swap and home, in addition to all the other stuff that would normally be in root? (I noticed in the LVM documentation it indicates this is not recommended but since you provided a way to backout I am not overly concerned)

Well, you can't really go from LVM to no LVM without re-installing. What the warning is about is that if something goes wrong with the LVM, you lose your root. But the same thing goes for encryption, so it's really the same thing.

OK, here is what is happening. I assume that you have the following: 1 partition 200 mb for /boot I will assume is called /dev/sda1 and a second called /dev/sda2 that you want to use for everything else. Gparted only makes partitions, not file systems, so there is nothing on them yet.

This will create the encrypted file system using the serpent cipher. You will then be prompted to give it a password with adequate warnings.
WARNING: Lose this password and you will NEVER get back in

Next you need to open it, which this command does (all the time, so if you ever need to get back into your drive, this is how)

Code:

cryptsetup luksOpen /dev/sda2 root

Now you need the LVM:

I don't remember how many of the preliminary commands are necessary. I don't think you need to mess with the .config, it's just a time saver.

So now, you need to prepare the partitions:

Code:

pvcreate /dev/mapper/root

Notice that we now use /dev/mapper/root NOT /dev/sda2

Next create the volume group. You can replace vg with the name of your choice, it's just a label so it's not too important.

Code:

vgcreate vg /dev/mapper/root

Next make your partitions. Here is what you specified before as your plan:

20GB root
10GB var
8GB swap (I think in your case it would be prudent to give swp an extra gig, just in case.)
Remaining to HOME
Given that it is an lvm, I would make home not that big as you can make it bigger later, but smaller may be a problem. I'll post 2 ways of doing the next step. The command is lvcreate. It makes the partitions. The -L specifies the size; G stands for Gib. Make sure you keep the G as the default is in Mib. -n specifies the name that follows and vg is the name of the group you wish to use.

You can leave the last two lines alone. Note that the noauto is enabled on /boot so it will not be automatically mounted!

Also be sure to emerge lvm2 along with your system logger and cron.

For the boot loader, you need these command line arguments: real_root=/dev/mapper/vg-root crypt_root=/dev/sda2 dolvm ro. The real_root tells genkernel where to hand the root off to once mounted, the crypt_root is the location of the encrypted volume, dolvm makes genkernel assemble lvm for you, and ro means "read only" for your file system. It will get remounted read/write later, but for boot up you want it ro.

That should be it! Reboot and enjoy your new install.

I will read through everything once more and then attempt this install. Hopefully I will come back with a smile and good news.

I only have one last question. This is a dual boot machine so my partition isn't on sda1 and sda2 but something farther down the line. Not on that box now so can't check but want to say sda4/5 or 5/6. That should be ok right? Also I assumed grub should pick up my Win partition when configured. Is that correct?

That's fine, just make the proper substitutions. I should also warn you that the warning on the LVM page applies double here. You have two single points of failure (the lvm and the luks) that can wipe all your data.
The best defense is to be sure to make periodic backups of your data so if your hard drive fails you don't lose everything.


Will do.

Once again thank you for taking the time to help me. It is REALLY appreciated.

I will post an update in the next couple of days. Plan on starting tonight.

I really did try to find out how to solve this on my own before asking but,

I am not able to create swap with this command. "lvcreate -L9G -nswp vg" . It kicks out the following error:

"Logical volume name "swp " is invalid. Run `lvcreate --help' for more information."

I have read the help and don't see anything helpful. Even tried substituting -nswap instead and still throws same error. Google didn't provide anything useful about naming conventions when creating logical volumes.

Any ideas?

Up until now everything has been good.

Only modprobe aes threw an error.

Just as a side note, am I supposed to be working in any particular directory when doing this? I have been working in the rootdir of the systemrescuecd.

Well, the aes error must be harmless because you are working inside the luks volume right now.

You honestly have me stumped here. I would guess there is a typo somewhere. Try running this: ls /dev/vg. It should give you a list of volumes that have been created. You may have created it already. If that does not work try entering it by hand or changing the name.

You don't need to be in a specific directory here. LVM knows where its volumes are located.

Best of luck.


Once again, thank you for your help and patience. I am sure that at some point we Noobs must be frustrating.

1) That indeed was the problem. There was an extra space before vg. When I entered by hand it solved the problem. Thanks.

2) But now I encountered another problem. When I ls /dev/vg it shows only swap, var, and home. I did create root as indicated and when running the lvcreate command for nroot again it indicates that it already exists. I have been able to map boot, swap, var, and home and create the fs but when I run the command for root it throws a "could not stat /dev/mapper/vg-root --- No such file or directory. The device apparently does not exist; did you specify it correctly?" Really baffled.

Part of my confusion is that partitioning has never been my strong point and now I am doing it as LV's on an encrypted partition which really puts me out of my element. Is there a way that I can verify that the steps I am taking are happening successfully? It might help me to troubleshoot further on my own.

One other question,

lvcreate -L20G -nhome vg # for 20 Gig home and the rest to be redistributed as needed
# Or do this
lvcreate -l 100%FREE -nhome vg

Does that mean the rest will be redistributed to home as needed ie: it will grow automatically, or does that mean it will allocate remaining space to other directories required by Gentoo? I didn't want to create a 100GB home and then have 700GB assigned to var, usr, etc so I chose the second option you provided. But I must confess I have no idea what it does.
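
A pre-flight and post-check for the two failures reported in this thread (the rejected name "swp " and the missing /dev/mapper/vg-root node), as an added example that is not part of the original posts. The function names and the DEVROOT variable are assumptions made for illustration; the name rules follow lvm(8), and nothing in the script writes to a disk.

```shell
#!/bin/sh
# Added example (not from the thread): helpers for an LVM-on-LUKS layout.

# lv_name_ok NAME -> exit 0 if LVM would accept NAME for a new LV.
# lvm(8): only a-z A-Z 0-9 + _ . - are valid, no leading hyphen, not "." or
# "..", and none of LVM's internal strings. "snapshot" and "pvmove" are
# rejected here as prefixes, which is the stricter reading.
lv_name_ok() {
    case "$1" in
        ''|-*|.|..|snapshot*|pvmove*) return 1 ;;
        *[!A-Za-z0-9+_.-]*) return 1 ;;
        *_cdata*|*_cmeta*|*_corig*|*_mlog*|*_mimage*|*_pmspare*) return 1 ;;
        *_rimage*|*_rmeta*|*_tdata*|*_tmeta*|*_vorigin*) return 1 ;;
    esac
    return 0
}

# dm_path VG LV -> prints the node device-mapper creates for the LV.
# Hyphens inside either name are doubled: vg "my-vg" + lv "root" becomes
# /dev/mapper/my--vg-root, not /dev/mapper/my-vg-root.
dm_path() {
    printf '/dev/mapper/%s-%s\n' \
        "$(printf '%s' "$1" | sed 's/-/--/g')" \
        "$(printf '%s' "$2" | sed 's/-/--/g')"
}

# missing_lvs VG LV... -> prints each LV whose device node is absent.
# DEVROOT (hypothetical, for this example) prefixes the path so the check
# can be pointed at a scratch directory instead of the live /dev.
missing_lvs() {
    vg=$1; shift
    for lv in "$@"; do
        [ -e "${DEVROOT:-}$(dm_path "$vg" "$lv")" ] || printf '%s\n' "$lv"
    done
}

# lvcreate_plan VG NAME:SIZE... -> prints the lvcreate commands to run.
# Every name is validated first, so a typo stops the plan before any
# command is printed. SIZE "rest" means all remaining space (-l 100%FREE).
lvcreate_plan() {
    vg=$1; shift
    for spec in "$@"; do
        if ! lv_name_ok "${spec%%:*}"; then
            printf 'invalid LV name: "%s"\n' "${spec%%:*}" >&2
            return 1
        fi
    done
    for spec in "$@"; do
        name=${spec%%:*}; size=${spec#*:}
        if [ "$size" = rest ]; then
            printf 'lvcreate -l 100%%FREE -n %s %s\n' "$name" "$vg"
        else
            printf 'lvcreate -L %s -n %s %s\n' "$size" "$name" "$vg"
        fi
    done
}

# Constructed sample: the layout from the thread, then the trailing-space typo.
lvcreate_plan vg root:20G var:10G swp:9G home:rest
lvcreate_plan vg 'swp :9G' || echo 'plan rejected before touching the disk'
```

On the live system, `lvs vg` lists the logical volumes LVM knows about and `vgscan --mknodes` recreates device nodes that are missing for volumes that do exist.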